Microsoft Exchange 2010 Journaling – A Guide

Purpose of Exchange 2010 Journaling:

Exchange 2010 Journaling can help a company comply with permissible and mandatory auditing requirements by keeping track of all incoming and outgoing e-mail conversations. It enables a company to keep a record of its email-based informational assets.

Standard vs. Premium Journaling in Exchange 2010:

Do I need any licenses to implement Exchange 2010 Journaling?

Exchange 2010 Journaling comes in two flavors: Standard and Premium. The former needs a “Standard CAL for Exchange 2010” to work, while the latter needs an “Enterprise CAL for Exchange 2010”. Note the difference here between the server license and the client access license (CAL): an Exchange Server 2010 Enterprise license may or may not come with an Exchange Server 2010 Enterprise CAL license. Please refer to your Microsoft license agreement or contact your Microsoft partner or reseller for details.

Functionality differences between Standard vs. Premium Journaling

Standard or Per-Mailbox Database journaling enables a company to keep a copy of “all inbound and outbound messages” in a secure/safe journaling Exchange mailbox. This copy includes all the incoming and outgoing messages that are sent to and received by all the end-users that have their Exchange mailboxes hosted on a particular Exchange mailbox database specified during Journaling configuration.

Premium or Custom journaling gives more control over how this email information asset is recorded, through additional scoping options. You can define exactly what type of email communication to record (internal: incoming and outgoing within the organization, OR external: emails incoming from and outgoing to outside/foreign/external domains and organizations only, OR global: both internal and external) and for exactly which user or users (in the form of distribution lists).

Identifying the requirements:

Scenario

A company, XYZ, is using Microsoft Exchange Server 2010. Due to a recent audit and legal compliance requirements, it wants all external email that either leaves or enters its premises to be recorded in a single mailbox.

– Journaling Type: Company XYZ needs the “Premium Journaling” to be implemented

– Go to the LUN where you would like to create and keep the Journaling Database, and manually create two folders called XYZ-JOURNAL DB and XYZ-JOURNAL LOG. If you have implemented a DAG and have other DAG member mailbox servers too, these folders will be created automatically.

– Open the Exchange Management Console (EMC) on one of your Exchange mailbox servers.

– Create a new Journaling Database by selecting “New Mailbox Database…” in the action pane. Specify the name of the Journaling Database as “XYZ-JOURNAL-DB”. Follow the wizard and set the database file path to DRIVELETTER:\XYZ-JOURNAL DB\JOURNAL.EDB and the log folder path to DRIVELETTER:\XYZ-JOURNAL LOG. Once the wizard finishes and the database is mounted

– Optional: Configure the database replication partner on the other mailbox servers by selecting “Add Mailbox Database Copy…” in the action pane. Specify the other Mailbox server name in the wizard. This ensures that the DAG takes care of automatic database failover in case the mounted database goes down.

– Confirm that the database .EDB file has been created by going to the folder DRIVELETTER:\XYZ-JOURNAL DB\.

Step 2: Create and Configure Journaling Mailbox:

– Open the Exchange Management Shell (EMS) on any one of the Exchange servers.

– Create a secure password string that will be used for authenticating to the journaling mailbox when we want to test it, by using the EMS command below:

$password = Read-Host "Enter password" -AsSecureString

Once you hit Enter, you will see a password prompt. Provide a password, let’s say “Journal@123” here, and press Enter again. The EMS then keeps this password in the $password variable for use in the next step.

– Create a new Journaling mailbox, which will be used to host/record all the journaled emails, by typing the command below:

– In case your security administrator ALEX, who has the AD user name ALEX, would also like to monitor all these journaled emails and needs full access to this journaling mailbox, you can grant him full access permissions on the mailbox by using the following EMS command:

Notice that in the above EMS command, we created and enabled a new journaling rule called “External Journal Rule” that uses the journaling mailbox called “JOURNAL-MBX” to record all the external emails only.

– Finally, set all the mailbox databases in the XYZ.COM Exchange organization (I am assuming we have only two mailbox databases, named XYZ-MANAGEMENT-DB and XYZ-STAFF-DB) to use the JOURNAL-MBX mailbox as their journal recipient, to implement journaling, by using the following command:
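
The Step 2 actions as one Exchange Management Shell sequence, followed by checks of the journal rule, the database setting and who can open the journaling mailbox. This is an added example, not the original guide's commands; the object names come from the text above, and the UPN journal-mbx@xyz.com is an assumed value.

```powershell
# Added example: run in the Exchange Management Shell on an Exchange 2010 server.
# Names are taken from the guide; the UPN is an assumed value for XYZ.COM.
$journalMbx = 'JOURNAL-MBX'
$journalDb  = 'XYZ-JOURNAL-DB'
$journalUpn = 'journal-mbx@xyz.com'        # assumption, not from the guide
$auditor    = 'ALEX'
$userDbs    = 'XYZ-MANAGEMENT-DB', 'XYZ-STAFF-DB'

# Prompt for the mailbox password; it is held as a SecureString, never echoed.
$password = Read-Host 'Enter password' -AsSecureString

# Create the journaling mailbox on the dedicated journaling database.
New-Mailbox -Name $journalMbx -UserPrincipalName $journalUpn `
    -Password $password -Database $journalDb

# Give the security administrator full access to the journaling mailbox.
Add-MailboxPermission -Identity $journalMbx -User $auditor -AccessRights FullAccess

# Premium journaling: record only mail that enters or leaves the organization.
New-JournalRule -Name 'External Journal Rule' -JournalEmailAddress $journalMbx `
    -Scope External -Enabled $true

# Point each user mailbox database at the journaling mailbox.
foreach ($db in $userDbs) {
    Set-MailboxDatabase -Identity $db -JournalRecipient $journalMbx
}

# Check 1: the rule exists, is enabled and has the intended scope.
Get-JournalRule |
    Format-Table Name, JournalEmailAddress, Scope, Enabled -AutoSize

# Check 2: every database that should be journaled shows the journal recipient.
Get-MailboxDatabase |
    Format-Table Name, JournalRecipient -AutoSize

# Check 3: list explicitly granted rights on the journaling mailbox. It holds a
# copy of the organization's mail, so only expected accounts should appear.
Get-MailboxPermission -Identity $journalMbx |
    Where-Object { -not $_.IsInherited -and $_.User -notlike 'NT AUTHORITY\SELF' } |
    Format-Table User, AccessRights, Deny -AutoSize
```

Re-running the three checks after any later permission or rule change gives a quick record of who can read the journaled mail and what is being captured.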